Skype security flaw leads to hijacked accounts

15 November 2012
By David Spencer
Mobile version
Share |
Almost 30 million people use Skype daily

Almost 30 million people use Skype every day

The VoIP communications-service Skype has had to suspend its password reset function after it was found that a security flaw made it possible to hijack user accounts.

Skype’s developers, Microsoft, have updated the password-resetting capabilities and will fix a flaw that reportedly has made the feature vulnerable to account-takeover attacks that were trivial to carry out. It has been reported that this security flaw was originally exposed on a Russian forum some months ago.

Also liable to hijacking are answerphone messages, old text messages and conversations, as well as sensitive user details.

A Skype spokesman said: "Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website."

The hijacking issue has affected users who are registered to multiple Skype accounts with the same email address. Skype’s spokesman said: “We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly."

Skype is also calling upon a small number of its users who have been affected to assist in the recovery. The spokesperson added: “Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience."

The latest security flaw follows news last month that the company could distribute malware via its instant message tool.

It proves an embarrassing development for the Microsoft-owned company as they have been attempting to encourage their Windows Live Messengers to make the move to Skype. Microsoft hopes to retire Windows Live Messenger in all countries bar China by March 2013.

Latest Issue

E&T cover image 1607

"As the dust settles after the referendum result, we consider what happens next. We also look forward to an international summer of sport."

E&T jobs

  • Chair in Integrated Sensor Technology

    The University of Edinburgh
    • Edinburgh, City of Edinburgh

    The University of Edinburgh is one of the world’s top 20 institutions of higher education.....

    • Recruiter: The University of Edinburgh

    Apply for this job

  • Principal Electrical Engineer - Power

    BAE Systems
    • Bristol, England / Cumbria, Barrow-In-Furness, England
    • Negotiable

    Principal Electrical Engineer - Power Join our Electrical Power team and help design the self-contained generation and distribution system for the Successor submarine - a new generation of submarine designed to carry the UK's independent nuclear deterrent

    • Recruiter: BAE Systems

    Apply for this job

  • Operations Supervisor (Mechanical/Electrical/Instrumentation)

    National Grid
    • England, Cambridgeshire
    • £33000 - £39000 per annum

    Operations Supervisor - (Mechanical/Electrical/Instrumentation) Salary: Circa £33k - 39k dependant on experience + vehicle and great additional benefits (share scheme, pension, potential bonus).Location: Wisbech - Cambridgeshire We currently have an excit

    • Recruiter: National Grid

    Apply for this job

  • Lead NDT Trainer

    BAE Systems
    • England, Lancashire
    • Competitive package

    Would you like to be involved with training UK and international teams in Non Destructive Inspection (NDI) to support the in service fleet (Typhoon Tornado, and Hawk)?

    • Recruiter: BAE Systems

    Apply for this job

  • Systems Design - Emerging Portfolio

    MBDA
    • Bristol
    • Competitive Salary & Benefits

    What?s the opportunity?   There are fantastic opportunities in Systems Design for engineers to work within Future Systems. These are highly visible, fast paced roles, in...

    • Recruiter: MBDA

    Apply for this job

  • Metering Engineer

    Department for Business, Innovation and Skills
    • Teddington, United Kingdom
    • £24,109 - £27,961 plus EO Electronics PE of £8,090.00

    We are now looking for a Metering Engineer to deliver RD’s In-Service Testing (IST) scheme for gas and electricity meters.

    • Recruiter: Department for Business, Innovation and Skills

    Apply for this job

  • Head of Operational Estates

    Premium job

    The Shrewsbury and Telford Hospital NHS Trust
    • Shrewsbury, Shropshire
    • £46,625 to £57,640 per annum

    As an experienced Estates Manager, you will play a key role in helping to shape the future of the Estates service.

    • Recruiter: The Shrewsbury and Telford Hospital NHS Trust

    Apply for this job

  • Assistant Professor (Tenure Track) of Smart Building Solutions

    Premium job

    ETH Zurich
    • Zurich, Canton of Zürich (CH)

    The successful candidate is expected to develop a strong and visible research programme in the area of control and diagnostics of building systems

    • Recruiter: ETH Zurich

    Apply for this job

  • Process Controls Leader

    Premium job

    Phillips 66
    • Humber Refinery, South Killingholme, North Lincolnshire DN40 3DW
    • £60k - 75k plus extensive Compensation and benefits package, dependent upon experience

    Experienced Process Control Leader providing leadership and technical support for Oil Refinery. Extensive Compensation and benefits package.

    • Recruiter: Phillips 66

    Apply for this job

  • Regional Technical Support Manager

    Premium job

    Siemens
    • Warwick, Warwickshire

    You will be required to lead the regional Customer Services strategy and resources to maximise Customer satisfaction.

    • Recruiter: Siemens

    Apply for this job

More jobs ▶

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T